The Agent Skills Directory

[SAFE]: The skill defines a structured framework for summarizing session state, including project details, task progress, and upcoming actions. All processing is confined to the agent's internal context management and output generation without the use of external tools.- [SAFE]: No network communications, remote downloads, or sensitive file system access patterns were detected. The skill does not request or use any credentials or environment variables.- [PROMPT_INJECTION]: The skill uses imperative instructions to control the agent's context, such as "Checkpoint replaces conversation history" and "The checkpoint IS the history." While these mimic patterns seen in instructions to ignore previous rules, they are legitimate functional constraints for a context compression utility.- [PROMPT_INJECTION]: The skill instructs the agent to suppress all explanatory text or preambles ("The checkpoint IS the output — nothing before, nothing after"), which is a form of output concealment used to maintain summary density but limits transparency for the user.- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests and summarizes untrusted conversation history.
Ingestion points: Agent's conversation history.
Boundary markers: None present in the CKPT[N] format.
Capability inventory: No capabilities for command execution, network access, or file system modification are included in the skill.
Sanitization: No sanitization or escaping of ingested data (tasks, blockers, decisions) is specified.- [SAFE]: The skill contains a conditional execution mechanism that triggers every five turns in "SIGNAL-3 mode." This usage counter is a standard automation feature and does not gate any high-risk operations.

signal-ckpt